對於部署在 ECS 中的 django 應用程式容器,我在 ECS AWS 中執行的負載平衡器具有以下 terraform 配置:
resource "aws_lb" "api" {
name = "${local.prefix}-api"
load_balancer_type = "application"
subnets = [
aws_subnet.public_a.id,
aws_subnet.public_b.id
]
security_groups = [aws_security_group.lb_api.id]
tags = local.common_tags
}
resource "aws_lb_target_group" "api" {
name = "${local.prefix}-api"
protocol = "HTTP"
vpc_id = aws_vpc.main.id
target_type = "ip"
port = 8000
health_check {
path = "/admin/login/"
}
}
resource "aws_lb_listener" "api" {
load_balancer_arn = aws_lb.api.arn
port = 80
protocol = "HTTP"
default_action {
type = "redirect"
redirect {
port = "443"
protocol = "HTTPS"
status_code = "HTTP_301"
}
}
}
resource "aws_lb_listener" "api_https" {
load_balancer_arn = aws_lb.api.arn
port = 443
protocol = "HTTPS"
certificate_arn = aws_acm_certificate_validation.cert.certificate_arn
default_action {
type = "forward"
target_group_arn = aws_lb_target_group.api.arn
}
}
resource "aws_security_group" "lb_api" {
description = "Allow access to Application Load Balancer"
name = "${local.prefix}-lb-api"
vpc_id = aws_vpc.main.id
ingress {
protocol = "tcp"
from_port = 80
to_port = 80
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
protocol = "tcp"
from_port = 443
to_port = 443
cidr_blocks = ["0.0.0.0/0"]
}
egress {
protocol = "tcp"
from_port = 8000
to_port = 8000
cidr_blocks = ["0.0.0.0/0"]
}
tags = local.common_tags
}
我有一個幾乎相同的反應前端容器檔案。唯一的區別是“前端”中的“api”一詞的替換、目標組端口(在前端負載平衡器的情況下為 80)以及運行狀況檢查路徑(前端僅使用“/”)
當我只部署API時,我可以正常在瀏覽器上存取該應用程式。但是,當我新增前端負載平衡器時,我無法在瀏覽器中存取前端(錯誤「503 服務暫時無法使用」)。 django 應用程式繼續工作,但過了一段時間,它也崩潰了。
我查看了 ECS UI,發現叢集、任務和容器運行沒有問題。但我在健康檢查中不斷出現錯誤。我認為這個錯誤可能與連接埠映射有關。但映射是一致的容器定義文件。
這可能的原因是什麼?